Privacy Policy
Emergency Cases
Please feel welcome to contact our friendly reception staff with any general or medical enquiry call us.
Opening Hours
Monday – Friday 8.00 – 7:00 pm
Saturday 9.00 – 8.00 pm
Sunday 10.00 – 9.00 pm
We are glad you are taking your time to read Mother & Child Hospital’s Privacy Policy.
Mother & Child Hospital Ltdis referred to in this Privacy Policy as “Hospital”, “We”, “Our” or “Us”. An individual who is the subject of the personal data is referred to as “Client”, “User” or “Patients”.
This is our Privacy Policy which may be accessed from our webpage at https://motherandchild.hospital/privacy-policy or may be obtained as a hard copy when you submit personal data at our offices.
We understand that your privacy is important to you and we care about how your personal data is used. We respect and value the privacy of all our clients, patients, and users and we will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the Data Protection legislation (as defined hereinbelow).
This Privacy Policy only covers our clients and patients. Our employees’ or third-party vendors’ personal details are handled in line with the terms of the employment agreement or contractual relationships, or our separate policies that we provide, as relevant, independent of this Privacy Notice.
1.1 We are a 24-hour, 50-bed capacity fully-fledged modern medical facility. Our registered address is; Postal address P.O Box 77918, First Avenue Eastleigh, Opposite DD Plaza, Nairobi, Email address: info@motherandchild.hospital and Telephone Number: + 254722570363.
1.2 The Hospital is a “DATA CONTROLLER” in relation to the processing activities described below. This means that we determine the purpose and means of Processing your personal data (or personal data you provide).
1.3 The Hospital is registered as a “DATA CONTROLLER” with the Office of the Data Protection Commissioner.
1.2 The Hospital is a “DATA CONTROLLER” in relation to the processing activities described below. This means that we determine the purpose and means of Processing your personal data (or personal data you provide).
1.3 The Hospital is registered as a “DATA CONTROLLER” with the Office of the Data Protection Commissioner.
2.1 This Privacy Policy explains how we use your personal data; the personal data we collect, how it is collected, how it is held, and how it is processed. It also explains your rights under the law relating to your personal data.
2.2. We will process any personal data we collect from you in accordance with this Privacy Policy and our Terms and Conditions of Service (together with any other documents referred to in it). Kindly carefully read this Policy so that you can understand how we handle your personal data.
2.2. We will process any personal data we collect from you in accordance with this Privacy Policy and our Terms and Conditions of Service (together with any other documents referred to in it). Kindly carefully read this Policy so that you can understand how we handle your personal data.
3.1. Processing of personal data is governed by the Data Protection Act, 2019 (‘the Act’), The Data Protection General Regulations 2021, The Data Protection (Registration of Data Controllers and Data Processors) 2021, The Data Protection (Complaints Handling and Enforcement Procedures) Regulations 2021 as may be amended from time to time, and any other regulations made thereunder (collectively, “the Data Protection Legislation”).
3.2. Personal data refers to any information about you that enables you to be identified as an individual such as your name, contact details, and identification numbers but it also covers less obvious information such as electronic location data, and other online identifiers.
3.3 The personal data that we collect and use is set out in Part 4, below.
3.2. Personal data refers to any information about you that enables you to be identified as an individual such as your name, contact details, and identification numbers but it also covers less obvious information such as electronic location data, and other online identifiers.
3.3 The personal data that we collect and use is set out in Part 4, below.
4.1 To ensure we can provide you with the best possible care, the information that we collect about you may include details such as:
a) General information such as; name, address, telephone number, nationality, email, date of birth, health insurance ID or policy number, next of kin, NHIF number, and birth certificate number.
b) Financial information such as billing information, banking information, and method of payment.
c) Medical history such as; details about treatment and care, previous medical appointments, notes, and reports about your health, including any allergies or health conditions.
d) Medical reports such as; results of x-rays, scans, blood tests, etc.
e) Other relevant information from people who care for you and know you well, such as health professionals, relatives, and caregivers.
f) We may also collect other information about you, such as your marital status, gender, religion, or other beliefs, and whether you have a disability or require any additional support with appointments (like an interpreter or advocate).
4.2 This list is not exhaustive but indicative of the information recorded. The Hospital may use your contact details to communicate with you about your healthcare i.e. by email, telephone, or text message.
4.3 By providing us with your contact details, patients are agreeing to the Hospital using those channels to communicate with them about their healthcare, i.e. by telephone or mobile number, by text message (mobile number), or by email (email address).
4.4 The sensitive personal data that we collect include; health status, biometrics, nationality, conscience, beliefs, gender, marital status, and family details such as number of children. However, we will only collect sensitive data about you if we have your explicit consent, or if authorized under the Data Protection Legislation.
a) General information such as; name, address, telephone number, nationality, email, date of birth, health insurance ID or policy number, next of kin, NHIF number, and birth certificate number.
b) Financial information such as billing information, banking information, and method of payment.
c) Medical history such as; details about treatment and care, previous medical appointments, notes, and reports about your health, including any allergies or health conditions.
d) Medical reports such as; results of x-rays, scans, blood tests, etc.
e) Other relevant information from people who care for you and know you well, such as health professionals, relatives, and caregivers.
f) We may also collect other information about you, such as your marital status, gender, religion, or other beliefs, and whether you have a disability or require any additional support with appointments (like an interpreter or advocate).
4.2 This list is not exhaustive but indicative of the information recorded. The Hospital may use your contact details to communicate with you about your healthcare i.e. by email, telephone, or text message.
4.3 By providing us with your contact details, patients are agreeing to the Hospital using those channels to communicate with them about their healthcare, i.e. by telephone or mobile number, by text message (mobile number), or by email (email address).
4.4 The sensitive personal data that we collect include; health status, biometrics, nationality, conscience, beliefs, gender, marital status, and family details such as number of children. However, we will only collect sensitive data about you if we have your explicit consent, or if authorized under the Data Protection Legislation.
The methods by which we collect your personal data include but are not limited to the following;
a) When you fill out the patient registration form;
b) When you provide details to the Hospital’s healthcare professionals and doctors;
c) When you register for an appointment on our website and/or use features on our website;
d) When you provide your personal details to us during the course of receiving our services; and
e) By the use of cookies (more fully detailed under part 11)
a) When you fill out the patient registration form;
b) When you provide details to the Hospital’s healthcare professionals and doctors;
c) When you register for an appointment on our website and/or use features on our website;
d) When you provide your personal details to us during the course of receiving our services; and
e) By the use of cookies (more fully detailed under part 11)
1. To provide our products and services
Lawful Basis :(Performance of our contract with you)
We may use your personal information and financial information to:
• To provide effective medical services to you.
• To admit you as a patient in our facilities.
• To provide other products and services available to you at our facilities, and process payment.
• Responding and engaging with your inquiries, and service updates or feedback, including contacting you where necessary.
.
2. To Identify You
Lawful Basis :(Performance of our contract with you)
We may use your personal information, including identification information and contact information, to:
• Identity verification, establishing and administering client care services.
• Processing payments for our services.
3. For Marketing
Lawful Basis : (Consent: you can withdraw your consent at any time)
We may use your personal information, including contact information, to:
• To send promotional mailings from us via SMS, WhatsApp, or email; and
• Keeping you informed about our products and services.
4. For safety and security
Lawful Basis : (Legitimate Interest of the Data Controller)
We may use your personal information, including contact information, including but not limited to; CCTV footage, premises access records, or electronic identifiers, for security and traceability.
5. Government requirements
Lawful Basis : (Legal Obligation)
We may use your personal information, including financial information and general information, to:
• Submit the relevant statutorily required information to various institutions of the Government of Kenya, for example, NHIF;
• To investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our Terms of Use, breach of Our agreement with you or as otherwise required by law; and
• To respond to court orders, or legal processes, or to establish or exercise Our legal rights or defend against legal claims.
6.2 ‘Vital Interests’ can be used as a lawful basis where we need to share your personal data in emergency circumstances or where it is a matter of life and death.
6.3 We will not use your personal data for any purpose other than the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s). If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us.
6.4 If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis that allows us to do so or seek your consent.
6.5 In some circumstances, where permitted or required by law, we may disclose your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.
Lawful Basis :(Performance of our contract with you)
We may use your personal information and financial information to:
• To provide effective medical services to you.
• To admit you as a patient in our facilities.
• To provide other products and services available to you at our facilities, and process payment.
• Responding and engaging with your inquiries, and service updates or feedback, including contacting you where necessary.
.
2. To Identify You
Lawful Basis :(Performance of our contract with you)
We may use your personal information, including identification information and contact information, to:
• Identity verification, establishing and administering client care services.
• Processing payments for our services.
3. For Marketing
Lawful Basis : (Consent: you can withdraw your consent at any time)
We may use your personal information, including contact information, to:
• To send promotional mailings from us via SMS, WhatsApp, or email; and
• Keeping you informed about our products and services.
4. For safety and security
Lawful Basis : (Legitimate Interest of the Data Controller)
We may use your personal information, including contact information, including but not limited to; CCTV footage, premises access records, or electronic identifiers, for security and traceability.
5. Government requirements
Lawful Basis : (Legal Obligation)
We may use your personal information, including financial information and general information, to:
• Submit the relevant statutorily required information to various institutions of the Government of Kenya, for example, NHIF;
• To investigate, prevent, or take action regarding illegal activities, suspected fraud, violations of our Terms of Use, breach of Our agreement with you or as otherwise required by law; and
• To respond to court orders, or legal processes, or to establish or exercise Our legal rights or defend against legal claims.
6.2 ‘Vital Interests’ can be used as a lawful basis where we need to share your personal data in emergency circumstances or where it is a matter of life and death.
6.3 We will not use your personal data for any purpose other than the purpose(s) for which it was originally collected unless we reasonably believe that another purpose is compatible with that or those original purpose(s). If we do use your personal data in this way and you wish us to explain how the new purpose is compatible with the original, please contact us.
6.4 If we need to use your personal data for a purpose that is unrelated to, or incompatible with, the purpose(s) for which it was originally collected, we will inform you and explain the legal basis that allows us to do so or seek your consent.
6.5 In some circumstances, where permitted or required by law, we may disclose your personal data without your knowledge or consent. This will only be done within the bounds of the Data Protection Legislation and your legal rights.
7.1You have the following rights, under the Data Protection Legislation, which we will always strive to respect and uphold:
a) The right to be informed about our collection and use of your personal data - this Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.
b) The right to access the personal data we hold about you.
c) The right to have your personal data corrected if any of your personal data held by us is false, erroneous, or misleading.
d) The right to ask us to delete or otherwise dispose of any of your personal data that we hold.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us to our use of your personal data for a particular purpose or purposes.
g) The right to withdraw consent- meaning if we are relying on your consent as the lawful basis for using your personal data, you are free to withdraw that consent at any time.
h) The right to data portability- meaning you have a right to request your personal data, which you have provided to us in a structured and commonly used format for your use across different services.
i) Rights relating to automated decision-making and profiling - we do not use your personal data for automated decision-making or profiling.
7.2 For more information about our use of your personal data or exercising your rights as outlined above, please contact us by email as set out in Part 13. Note that the above rights are subject to exceptions and conditions set out under the Data Protection Legislation.
7.3 Your personal data must be kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
7.4 If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Office of the Data Protection Commissioner. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first.
a) The right to be informed about our collection and use of your personal data - this Privacy Policy should tell you everything you need to know, but you can always contact us to find out more or to ask any questions.
b) The right to access the personal data we hold about you.
c) The right to have your personal data corrected if any of your personal data held by us is false, erroneous, or misleading.
d) The right to ask us to delete or otherwise dispose of any of your personal data that we hold.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us to our use of your personal data for a particular purpose or purposes.
g) The right to withdraw consent- meaning if we are relying on your consent as the lawful basis for using your personal data, you are free to withdraw that consent at any time.
h) The right to data portability- meaning you have a right to request your personal data, which you have provided to us in a structured and commonly used format for your use across different services.
i) Rights relating to automated decision-making and profiling - we do not use your personal data for automated decision-making or profiling.
7.2 For more information about our use of your personal data or exercising your rights as outlined above, please contact us by email as set out in Part 13. Note that the above rights are subject to exceptions and conditions set out under the Data Protection Legislation.
7.3 Your personal data must be kept accurate and up-to-date. If any of the personal data we hold about you changes, please keep us informed as long as we have that data.
7.4 If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the Office of the Data Protection Commissioner. We would welcome the opportunity to resolve your concerns ourselves, however, so please contact us first.
8.1 All data sharing will be undertaken in line with the Data Protection Legislation and any other relevant law.
8.2 We will not transfer your personal information outside the country unless we have your consent or are transferring in accordance with the Data Protection Legislation.
8.2 We will not transfer your personal information outside the country unless we have your consent or are transferring in accordance with the Data Protection Legislation.
9.1 We use a high level of protection, both organizational and technical measures, to ensure we process our clients, users, and patients’ data safely. Some of the measures are:
a) Access to data via secure log-in, which is restricted by our IT teams on a need-to-know basis.
b) Monitor and audit user access - by limiting access to the minimum and necessary - to control data access abuse.
c) Use of email authentication protocols such as DKIM to prevent loss of data through email fraud.
d) Restricting access to the data centers, use of security cameras (CCTVs), and alarms to control physical access.
e) Buildings and areas that have access only through staff passes, and secure files stored in areas that are further restricted by passes and keys.
f) Restricting access to personal data - systems are only available through strictly controlled security processes. We ensure that only the right people have access to systems.
g) Encryption of passwords and use of the Health Management Information System (HMIS)
h) Enforcement of strong password policies and multifactor authentication systems.
9.2 While We will endeavour to take all reasonable and appropriate steps to keep secure any information that We hold about You and prevent unauthorized access, you acknowledge that the internet is not 100% secure and that We cannot provide any absolute assurance regarding the security of Your Personal Information. We will not be liable in any way concerning any breach of security or unintended loss or disclosure of information caused by Us concerning your Personal Information.
a) Access to data via secure log-in, which is restricted by our IT teams on a need-to-know basis.
b) Monitor and audit user access - by limiting access to the minimum and necessary - to control data access abuse.
c) Use of email authentication protocols such as DKIM to prevent loss of data through email fraud.
d) Restricting access to the data centers, use of security cameras (CCTVs), and alarms to control physical access.
e) Buildings and areas that have access only through staff passes, and secure files stored in areas that are further restricted by passes and keys.
f) Restricting access to personal data - systems are only available through strictly controlled security processes. We ensure that only the right people have access to systems.
g) Encryption of passwords and use of the Health Management Information System (HMIS)
h) Enforcement of strong password policies and multifactor authentication systems.
9.2 While We will endeavour to take all reasonable and appropriate steps to keep secure any information that We hold about You and prevent unauthorized access, you acknowledge that the internet is not 100% secure and that We cannot provide any absolute assurance regarding the security of Your Personal Information. We will not be liable in any way concerning any breach of security or unintended loss or disclosure of information caused by Us concerning your Personal Information.
We are required under the Data Protection Legislation to keep your personal data only for a specific period as lawfully required. Some of the considerations we consider when deciding on the retention of your data are:
a) Where it is stipulated under the law; and
b) The necessary time your data is needed for us to deliver the service to you.
On completion of the purpose for which your data was originally collected, we delete or de-identify your personal data. In most cases, we store your personal data for a period of five (5) years, after which the data is deleted from our records or de-identified.
a) Where it is stipulated under the law; and
b) The necessary time your data is needed for us to deliver the service to you.
On completion of the purpose for which your data was originally collected, we delete or de-identify your personal data. In most cases, we store your personal data for a period of five (5) years, after which the data is deleted from our records or de-identified.
We may store temporary or permanent ‘cookies’ on your computer. You can erase or choose to block these cookies from your computer. You can configure your computer’s browser to alert you when we attempt to send you a cookie with an option to accept or refuse the cookie. If you have turned cookies off, you may be prevented from using certain features of the Website.
If you wish to contact us in respect of part of this Privacy Policy or have any questions or would like further information regarding our handling of your personal data, or regarding the privacy of your personal or health information please contact us through:
Physical Address: First Avenue Eastleigh, Opposite DD Plaza, Nairobi
Postal Address: P.O Box 77918, Nairobi, Kenya
Email address: info@motherandchild.hospital
Mobile Number: + 254722570363
Upon receipt of your request/complaint, we will consider the details, and respond in accordance with our privacy policy and data protection legislation. The hospital treats your personal data based on the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.
Physical Address: First Avenue Eastleigh, Opposite DD Plaza, Nairobi
Postal Address: P.O Box 77918, Nairobi, Kenya
Email address: info@motherandchild.hospital
Mobile Number: + 254722570363
Upon receipt of your request/complaint, we will consider the details, and respond in accordance with our privacy policy and data protection legislation. The hospital treats your personal data based on the principles of lawfulness, fairness, transparency, purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.
We may change, modify, or adopt a new Privacy Policy from time to time.
If we do so, we will post it on our website and our physical premises. It’s your responsibility to check the Privacy Policy every time you submit your personal data to us. This version was last updated on 8th February 2024.
If we do so, we will post it on our website and our physical premises. It’s your responsibility to check the Privacy Policy every time you submit your personal data to us. This version was last updated on 8th February 2024.
Please keep us informed of any changes to your personal data by emailing us with full details of the changes at info@motherandchild.hospital
Caring For The Health Of You And Your Family.
We Provide All Aspects Of Medical Practice For Your Whole Family!
We will work with you to develop individualised care plans, including management of chronic diseases. If we cannot assist, we can provide referrals or advice about the type of practitioner you require. We treat all enquiries sensitively and in the strictest confidence.
- Fractures and dislocations
- Desensitisation injections
- Home medicine review
- Health Assessments
- High Quality Care
True Healthcare For Your Family!
Serve the community by improving the quality of life through better health. We have put protocols to protect our patients and staff while continuing to provide medically necessary care.
Inspiring Stories!
“Their doctors include highly qualified practitioners who come from a range of backgrounds and bring with them a diversity of skills and special interests. They also have registered nurses on staff who are available to triage any urgent matters, and the administration and support staff all have exceptional people skills”
“Their doctors include highly qualified practitioners who come from a range of backgrounds and bring with them a diversity of skills and special interests. They also have registered nurses on staff who are available to triage any urgent matters, and the administration and support staff all have exceptional people skills”
“Their doctors include highly qualified practitioners who come from a range of backgrounds and bring with them a diversity of skills and special interests. They also have registered nurses on staff who are available to triage any urgent matters, and the administration and support staff all have exceptional people skills”
